101 to 125 of 269 Incident Response Jobs in the UK excluding London

diagrams, and evidence packs. Chair the Cyber Security Working Group and support regional security leads. Assist the Security Architect with deploying new controls. Deliver incident response: triage escalations, coordinate crisis response, provide out-of-hours support, and perform post-incident reviews. What We're Looking … Required Experience: Degree or equivalent experience plus relevant security certifications (Security+, CEH, CySA+, Cloud Security Engineer). Significant experience in cyber security operations or incident response. Hands-on expertise with Microsoft Defender, Sentinel, Tenable, CASB, and cloud security (AWS/Azure). Proven security project delivery, PowerShell automation skills ...

worldwide team that is empowered to operate the activities within their assigned function. Daily activities will focus heavily on request, event and incident management and direction will be provided by the Information Security Manager. Norton Rose Fulbright is committed to the professional development of its staff. There will … such as , Zscaler, Mimecast, Proofpoint, or Cisco. Experience with securing cloud environments (AWS, Azure, GCP), including configuration management, identity and access controls, monitoring, and incident response. Familiarity with cloud security tools (e.g., Microsoft Defender for Cloud, AWS Security Hub), and cloud compliance frameworks (e.g., CIS, CSA CCM) is highly ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. ...

ideal for a graduate or early-career technologist looking to build hands-on experience across cyber security, automation, Python development, cloud infrastructure, APIs and incident response . You will work alongside experienced engineers delivering security automation and software solutions that protect enterprise systems and digital platforms. Key Responsibilities … Develop and maintain Python automation scripts to support security operations and incident response. Support security tooling and automation platforms used within a Security Operations (SOC) environment . Assist with configuration and maintenance of Linux-based systems , security hardening and patching. Build and support API integrations between internal systems ...

Implement and manage comprehensive monitoring, logging, and alerting systems (e.g., Prometheus, Grafana, ELK Stack) to provide deep insights into system behavior and ensure rapid incident detection. Lead Incident Management: Participate in our on-call rotation, acting as a key player in incident response and resolution. ...

have the freedom to make a real impact—defining strategy, driving continual improvement, and mentoring talented analysts to deliver world-class detection and response capabilities. As the SOC Operations Manager, you will: Lead and develop a skilled SOC team, inspiring a culture of continuous learning and technical excellence. Oversee … enhance detection and automation capabilities. Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards. Oversee vulnerability management, threat intelligence, and incident response plans. Communicate security posture, risks, and incident outcomes clearly to senior stakeholders. Ensure operational readiness and contribute to maintaining industry accreditations. Have ...

maintaining, and improving core security controls across network, cloud, and endpoint environments. You will play a key part in strengthening defensive capabilities and supporting incident response activities. You can work remotely but there are also multiple offices for the employees. Client Details A UK-based not for profit … modernising cyber security and cloud infrastructure. Description Manage and enhance security tooling including endpoint protection, content filtering, email security, and vulnerability scanning. Deliver technical incident analysis and response, supporting containment, remediation, and service improvement. Configure and support firewalls, networks, Microsoft security platforms, and cloud security controls. Conduct technical ...

security threats and best practice around emerging AI technologies. Educate the wider security team on AI-related risks, vulnerabilities, and use cases. Threat Detection & Response Support monitoring, detection, and incident response within cloud environments. Help mature vulnerability management processes and security playbooks. Compliance & Risk Ensure cloud services ...

globally recognised leader in technology services and digital transformation with hiring a Senior Security SME to take ownership of advanced security engineering, escalated incident response, and threat hunting across a Microsoft-centric SIEM and XDR environment. This is a hands-on L3 role focused on Microsoft Sentinel … optimising Microsoft Sentinel, including log onboarding, connectors, parsers, and data normalisation Monitoring and optimising Sentinel and Defender licensing and ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections ...

detect, analyse, and respond to security threats in real-time. Proactively identify vulnerabilities and risks through regular assessments and penetration testing and lead incident response efforts for cloud-related security breaches, ensuring minimal downtime and data loss. Develop automated workflows for vulnerability management, incident detection, and response. ...

crisis scenarios. Drive operational excellence Oversee 24/7 monitoring to ensure strong network performance and quick issue resolution. Lead security detection, escalation, and response processes to keep threats at bay. Own incident and crisis management Build and refine SOC incident response playbooks. Lead high-impact ...

lead and develop their Technical Support function. This role is ideal for a service-driven leader with a strong ITIL Service Management background proven Incident Management expertise and ideally a knowledge of networking. You will lead technical support-focused shift teams, own major incident processes … bridge between technical teams and senior stakeholders. Key Responsibilities Lead, mentor, and develop Technical Support/Service Desk teams Own and manage Incident, Problem, and Change Management processes in line with ITIL best practice Drive service performance through KPIs, SLAs, and continual service improvement (CSI) Ensure robust incident ...

across IT projects, platforms, and operational environments Act as the security lead for assigned IT projects, ensuring alignment with security policies and standards Oversee incident response, investigations, and post-incident reviews for IT security events Ensure compliance with information security frameworks, regulatory requirements, and internal controls Work ...

technology roadmaps Support compliance with frameworks such as ISO27001 and GDPR Contribute to supplier selection and procurement, ensuring security requirements are met Support incident response activities and post-incident remediation Stay current with emerging threats, vulnerabilities and security technologies Essential Experience & Skills: Strong background in security architecture ...

Actions, Jenkins, CircleCI). Solid understanding of Linux systems and scripting (Bash, PowerShell, Python). Familiarity with security principles , SIEM/SOC tools, or incident response. Knowledge of networking fundamentals and APIs. Excellent problem-solving and communication skills. Nice to Have Experience with containerization (Docker, Kubernetes). Exposure ...

start in the New Year, please reach out! The role: Monitor, triage, and investigate security alerts and incidents using SIEM tools Support SOC incident triage, assessing scope, urgency, and mitigation actions Assist with incident response activities, including investigation and remediation Manage and respond to security-related support … tool Perform BAU security operations tasks, including daily security checks Analyse and trend security log data to identify threats and patterns Support vulnerability triage, response, and mitigation across IT teams Assist with remediation activities, including reviewing vulnerability scans and penetration test results Participate in threat hunting and development ...

Support Security Teams Assist other Group Security teams by providing vulnerability-specific intelligence. Contribute to building a shared knowledge repository for all teams. 9. Incident Support Assist in analysing and resolving security incidents, focusing on vulnerability-related aspects. Use post-incident reviews to pre-empt vulnerabilities and improve … communication skills for reporting and stakeholder engagement. Ability to collaborate with cross-functional teams, including SOC, IT, and external vendors. Problem-Solving Experience in incident response and remediation strategies for vulnerabilities. Creative thinking for implementing counterintuitive solutions (e.g., gamification, predictive analytics). Leadership and Mentorship Proven ability ...

with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier … threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security ...

Incident and Problem Manager Birmingham - Hybrid (2 - 3 days a week) £70,000 - £75,000 + Bonus Our client is a global leader in consumer services, they are looking for an Incident and Problem Manager to take ownership of major incident response and problem management across … ITIL. We're looking to speak with candidates who possess: Proven experience within a global environment Excellent knowledge of ITIL processes Experience leading incident bridges, coordinating cross-functional technical teams, and communicating with senior stakeholders Experience working with offshore or distributed support teams Excellent communication skills are essential ...

manner. Specifically you will: Support the rest of the security operations team to monitor, triage and investigate alerts and incidents within Sentinel Conduct initial incident triage, determining scope, urgency and appropriate actions to mitigate threats. Participate in the incident response process, assisting with investigation and remediation. Support … ITSM tool. Undertake BAU activities such as daily checks. Assist with analysing and trending of security log data. Support triaging of vulnerabilities, response and mitigation with teams across IT. Support remediation actions meetings across technical teams including evaluating and translating vulnerability scan and pentest results. Support with Threat Hunting ...

security, reliability, and cost management . Automation & Infrastructure as Code : Develop and maintain automation scripts and infrastructure using Kubernetes and Terraform . Monitoring & Incident Response : Build and enhance monitoring, alerting, and observability solutions. Respond to incidents, perform root cause analysis, and drive continuous improvement. Collaboration : Partner with software ...

alerts. Deploying, scaling, and managing containerised applications using tools like Kubernetes for clients who require container platforms Support patching, vulnerability remediation, and security incident response activities to maintain secure environments. Assist with the operational management of data platforms, including storage, protection, replication, and automation of data workflows. Manage ...

with SIEM technologies and security tooling An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management An understanding of the incident response lifecycle T he ability to work in a close team and independently The ability to be adaptable to a high pace changeable … monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement The role involves working alongside other team ...

Experience required: Significant experience in information and cyber security governance, risk, and compliance roles, in a global context Deep knowledge of cyber security operations, incident response, threat intelligence, and vulnerability management. In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). ...